Re: Question for VPN experts

2008-09-04 Thread Steven Knowles 
Oh, I tried using MacOS built in VPN client. After putting in what I  
think are correct settings (namely server address, account name, and  
user authentication password), I click the Connect button, and simply  
nothing happens. No connection, no error message, nothing. It's as if  
the Connect button is non functional. I don't know whether I need to  
enter anything into the Machine Authentication fields, but if I do I  
don't know what they are.


Cheers, Steven


On 05/09/2008, at 1:45 AM, Steven wrote:

Hoping for a suggestion or two to help me jump over another obstacle  
in my never-ending saga of accessing a remote server via VPN.


Currently using Cisco's VPN Client 4.9.01 (latest) on latest MacOS.

It doesn't connect. The log of VPN Client states the following,  
which is beyond me. I've manually replaced server's IP address with  
xx.xxx.xxx.xx.




At the other end, they have suggested turning off firewall, but I  
have tried setting MacOS firewall setting to allow all incoming  
connections, and the above log is what is returned.


In the absence of anyone knowing what's causing the problem, would  
using a different VPN client help? If so, anyone have a suggestion  
for an alternative VPN client?


Cheers, Steven


-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Unsubscribe -

Question for VPN experts

2008-09-04 Thread Steven Knowles 
Hoping for a suggestion or two to help me jump over another obstacle  
in my never-ending saga of accessing a remote server via VPN.


Currently using Cisco's VPN Client 4.9.01 (latest) on latest MacOS.

It doesn't connect. The log of VPN Client states the following, which  
is beyond me. I've manually replaced server's IP address with  
xx.xxx.xxx.xx.


--
Cisco Systems VPN Client Version 4.9.01 (0100)
Copyright (C) 1998-2006 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Mac OS X
Running on: Darwin 9.4.0 Darwin Kernel Version 9.4.0: Mon Jun  9  
19:30:53 PDT 2008; root:xnu-1228.5.20~1/RELEASE_I386 i386

Config file directory: /etc/opt/cisco-vpnclient

1  01:01:16.253  09/05/2008  Sev=Info/4 CM/0x4312
Begin connection process

2  01:01:16.254  09/05/2008  Sev=Info/4 CM/0x4314
Establish secure connection using Ethernet

3  01:01:16.254  09/05/2008  Sev=Info/4 CM/0x43100024
Attempt connection with server "xx.xxx.xxx.xx"

4  01:01:16.254  09/05/2008  Sev=Info/4 CVPND/0x43400019
Privilege Separation: binding to port: (500).

5  01:01:16.255  09/05/2008  Sev=Info/4 CVPND/0x43400019
Privilege Separation: binding to port: (4500).

6  01:01:16.255  09/05/2008  Sev=Info/6 IKE/0x433B
Attempting to establish a connection with xx.xxx.xxx.xx.

7  01:01:16.350  09/05/2008  Sev=Info/4 IKE/0x4313
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd),  
VID(Frag), VID(Nat-T), VID(Unity)) to xx.xxx.xxx.xx


8  01:01:16.594  09/05/2008  Sev=Info/4 IPSEC/0x4378
IPSec driver successfully started

9  01:01:16.595  09/05/2008  Sev=Info/4 IPSEC/0x43700014
Deleted all keys

10 01:01:17.969  09/05/2008  Sev=Info/5 IKE/0x432F
Received ISAKMP packet: peer = xx.xxx.xxx.xx

11 01:01:17.969  09/05/2008  Sev=Info/4 IKE/0x4314
RECEIVING <<< ISAKMP OAK AG (SA, VID(Xauth), VID(dpd), VID(Unity),  
VID(?), KE, ID, NON, HASH) from xx.xxx.xxx.xx


12 01:01:17.969  09/05/2008  Sev=Info/5 IKE/0x4301
Peer supports XAUTH

13 01:01:17.969  09/05/2008  Sev=Info/5 IKE/0x4301
Peer supports DPD

14 01:01:17.969  09/05/2008  Sev=Info/5 IKE/0x4301
Peer is a Cisco-Unity compliant peer

15 01:01:17.969  09/05/2008  Sev=Info/5 IKE/0x4382
Received IOS Vendor ID with unknown capabilities flag 0x0025

16 01:01:18.060  09/05/2008  Sev=Warning/3  IKE/0xC357
The received HASH payload cannot be verified

17 01:01:18.061  09/05/2008  Sev=Warning/2  IKE/0xC37E
Hash verification failed... may be configured with invalid group  
password.


18 01:01:18.061  09/05/2008  Sev=Warning/2  IKE/0xC39B
Failed to authenticate peer (Navigator:904)

19 01:01:18.061  09/05/2008  Sev=Info/4 IKE/0x4313
SENDING >>> ISAKMP OAK INFO (NOTIFY:INVALID_HASH_INFO) to xx.xxx.xxx.xx

20 01:01:18.061  09/05/2008  Sev=Info/4 IKE/0x4313
SENDING >>> ISAKMP OAK INFO (NOTIFY:AUTH_FAILED) to xx.xxx.xxx.xx

21 01:01:18.061  09/05/2008  Sev=Warning/2  IKE/0xC3A7
Unexpected SW error occurred while processing Aggressive Mode  
negotiator:(Navigator:2237)


22 01:01:18.061  09/05/2008  Sev=Info/4 IKE/0x4317
Marking IKE SA for deletion  (I_Cookie=DF71A8F51BE1CB6E  
R_Cookie=E67FEB28B8A699A6) reason = DEL_REASON_IKE_NEG_FAILED


23 01:01:18.594  09/05/2008  Sev=Info/4 IKE/0x434B
Discarding IKE SA negotiation (I_Cookie=DF71A8F51BE1CB6E  
R_Cookie=E67FEB28B8A699A6) reason = DEL_REASON_IKE_NEG_FAILED


24 01:01:18.594  09/05/2008  Sev=Info/4 CM/0x43100014
Unable to establish Phase 1 SA with server "xx.xxx.xxx.xx" because of  
"DEL_REASON_IKE_NEG_FAILED"


25 01:01:18.594  09/05/2008  Sev=Info/5 CM/0x43100025
Initializing CVPNDrv

26 01:01:18.595  09/05/2008  Sev=Info/4 CVPND/0x4340001F
Privilege Separation: restoring MTU on primary interface.

27 01:01:18.595  09/05/2008  Sev=Info/4 IKE/0x4301
IKE received signal to terminate VPN connection

28 01:01:19.094  09/05/2008  Sev=Info/4 IPSEC/0x43700014
Deleted all keys

29 01:01:19.095  09/05/2008  Sev=Info/4 IPSEC/0x43700014
Deleted all keys

30 01:01:19.095  09/05/2008  Sev=Info/4 IPSEC/0x43700014
Deleted all keys

31 01:01:19.095  09/05/2008  Sev=Info/4 IPSEC/0x437A
IPSec driver successfully stopped


At the other end, they have suggested turning off firewall, but I have  
tried setting MacOS firewall setting to allow all incoming  
connections, and the above log is what is returned.


In the absence of anyone knowing what's causing the problem, would  
using a different VPN client help? If so, anyone have a suggestion for  
an alternative VPN client?


Cheers, Steven

-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines -